[Previous] [Next] [Index]
[Thread]
Re: ActiveX security hole reported.
David M. Chess writes in <199608211615.MAA22290@mailhub1.watson.ibm.com>:
>(Of course, there are still issues about whether or not
>you'd want to allow an incoming executable to run, even
>if it *is* signed by a Major Software House, but my guess
>is this will be no more of an issue than it is with current
>shrink-wrapped software.)
>
>There are other scenarios, of course, that assume that you
>can safely accept incoming executables from strangers and
>run them in a tight-enough padded cell, and/or that there'll
>be some easy and feasible method to come to trust authors
>that are not necessarily in the Fortune 50...
ActiveX's security model may be OK for Intranet applets, but is totally
unacceptable for Internet applets. Even though they are very small in
absolute numbers, there are way too many people with diabolical and/or
prankish impulses with too much time on their hands who will be all too
willing to write ActiveX applets and/or hack major sites to substitute their
ActiveX applet for the major corporation's applet (cf. the current DOJ
thread -- there's a lot of hate out there for Microsoft...). The Java
sandbox approach, where capabilities are strictly limited, is the correct
(IMNSHO) approach. Now whether the _Java_ sandbox security model is correct
is a subject for further study by myself (and perhaps another rant, another
day).
======================================================================
Mark Leighton Fisher Thomson Consumer Electronics
fisherm@indy.tce.com Indianapolis, IN